The ability of financial institutions’ compliance functions to manage risk is challenged on multiple fronts, including rising expectations that they play a stronger, more strategic role in front-office processes, the increased volume and complexity of regulations, and a lagging data and technology architecture, according to a new compliance risk report from global professional services company Accenture.
The latest of Accenture’s annual reports on compliance risk, “Compliance at a Crossroads: One Step Forward, Two Steps Back?,” is based on a survey of more than 150 compliance officers at banking, insurance and capital markets firms across the Americas, Europe, and Asia-Pacific.
The report notes that the compliance function is continually pressured to be better entwined with company strategy.
Nearly half of respondents to the survey stated that the number one capability required for Compliance over the next year is a better understanding of how customer expectations are changing. Gaining this insight can help Compliance take a stronger role in front office processes such as product design, sales and distribution, or, for example, advising the front office on the risks of originating new business with politically exposed persons. Being more proactive with these types of contributions should allow Compliance to better illustrate to a CEO the value it can add to the business.
Nevertheless, barriers to acting as a true strategic partner to the business are increasing, highlighted by the fact that only 31 percent of compliance functions, as represented by respondents, now report to the CEO, a 9 percent decline from 2014.
Another challenge is the fine balance necessary for acting as an advisor while remaining an objective control function. More than half (63 percent) think that a stronger compliance role in front line processes will create a risk for the function’s independence, blurring of the line between the function’s dual advisory-and-control roles.
This means that a key strategic priority for Compliance will be to assess its relationships with other first- and second-line functions, such as operational risk, human resources, and technology. Better understanding and improved communication of its value as a risk management function and its role within the broader enterprise-wide risk management framework will be critical to continuing to develop stature within the financial institution, the study proposes.
“Compliance is in a unique position to leverage its dual advisory and control roles to offer distinct value to the front office,” says Steve Culp, senior managing director of Accenture’s finance and risk services practice. “To maintain its position as a key strategic advisor to the business, the compliance function needs to develop more sophisticated business capabilities and play a stronger role in front-office functions. Understanding the customer is critical and will enable the function to become more deeply involved in processes such as product design and sales and distribution.”
The vast majority (87 percent) of survey respondents said that senior data officers will be a key organizational link for compliance to help rationalize data and drive informed decision-making. “Armed with these skills, the function will be better able to maintain its seat at the table,” the report says. Enhanced technology sophistication will provide financial institutions with the ability to manage threats such as cyber-risk, financial crime, and business risks, all of which were cited by respondents as the top risks that their organizations will face in the next three years. Leveraging technology to manage risks can also reduce costs and enhance the consistency of controls that facilitate standardized regulatory reporting.
More than three-quarters of respondents (81 percent) acknowledged that managing a more complex set of risks with fewer resources will require the compliance function to optimize operations. Also, two-thirds of respondents said that improving systems and adopting new technology tools will be the most important change that the compliance function will need to make in the next year if it is to manage risks effectively. Among the technology-related changes that might have the biggest impact are the use of industry shared services, which 80 percent of respondents said will become critical as industry data protection improves; and process automation, including robotics, which 73 percent or respondents said will improve efficiency.